Secunia Security Advisory - Trustix has issued an update for multiple packages. This fixes some vulnerabilities and a weakness, which can be exploited by malicious, local users to bypass certain security restrictions, and by malicious people to bypass certain security restrictions, gain escalated privileges, poison the DNS cache, cause a DoS (Denial of Service), and potentially compromise a user's system.
03ec305585487ae34d0aab1c2fb4cc814e2905fc3ff6206e9e1d9de10004ccde
----------------------------------------------------------------------
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and
categorises it as either Insecure, End-of-Life, or Up-To-Date.
Effectively enabling you to focus your attention on software
installations where more secure versions are available from the
vendors.
Download the free PSI BETA from the Secunia website:
https://psi.secunia.com/
----------------------------------------------------------------------
TITLE:
Trustix Update for Multiple Packages
SECUNIA ADVISORY ID:
SA26231
VERIFY ADVISORY:
http://secunia.com/advisories/26231/
CRITICAL:
Highly critical
IMPACT:
Security Bypass, Spoofing, Privilege escalation, DoS, System access
WHERE:
>From remote
OPERATING SYSTEM:
Trustix Secure Linux 2.2
http://secunia.com/product/4641/
DESCRIPTION:
Trustix has issued an update for multiple packages. This fixes some
vulnerabilities and a weakness, which can be exploited by malicious,
local users to bypass certain security restrictions, and by malicious
people to bypass certain security restrictions, gain escalated
privileges, poison the DNS cache, cause a DoS (Denial of Service),
and potentially compromise a user's system.
For more information:
SA24678
SA24824
SA25378
SA25456
SA25829
SA26038
SA26104
SA26135
SA26152
SOLUTION:
Apply updated packages.
d3c601bd616c19da0da2180e7029cc2c 2.2/rpms/bind-9.3.4-3tr.i586.rpm
ba5ab37e1c1f98b73ecf7988cafafc10
2.2/rpms/bind-devel-9.3.4-3tr.i586.rpm
c5173096b50c73537bc149a24074ab47
2.2/rpms/bind-libs-9.3.4-3tr.i586.rpm
ec8157264cccbe97f111647682625ed0
2.2/rpms/bind-light-9.3.4-3tr.i586.rpm
e58d3dac7a5ed83a33291dc0493d07fc
2.2/rpms/bind-light-devel-9.3.4-3tr.i586.rpm
701f16b002778ca84844b85d2adff688
2.2/rpms/bind-utils-9.3.4-3tr.i586.rpm
d0f1c9fb436123f8d0a9d7e1af85c885 2.2/rpms/clamav-0.91-1tr.i586.rpm
f296443ddff0566e9d474643ff33b962
2.2/rpms/clamav-devel-0.91-1tr.i586.rpm
3f9a03adaa1171d960cdbfe08ea6795b 2.2/rpms/curl-7.15.3-3tr.i586.rpm
5332054611bdba805908521670783b96
2.2/rpms/curl-devel-7.15.3-3tr.i586.rpm
60489eeffd8bf5958fde66628a343974
2.2/rpms/mod_perl-2.0.0-5tr.i586.rpm
dd0202812215babf987e20525ec940db
2.2/rpms/mod_perl-devel-2.0.0-5tr.i586.rpm
5f1b350a7ea7ef3d7964259a179ebb3a
2.2/rpms/perl-net-dns-0.48-3tr.i586.rpm
6e4d88ef05463a6895bded9a04d6c417 2.2/rpms/php-5.2.3-1tr.i586.rpm
df38a5edbb2d8d5836173206fb4aa51e
2.2/rpms/php-cli-5.2.3-1tr.i586.rpm
b7358a367b60569d7198fea6d3d0f0cd
2.2/rpms/php-curl-5.2.3-1tr.i586.rpm
335875d9db23623630c8e7a2f7ff6b35
2.2/rpms/php-devel-5.2.3-1tr.i586.rpm
f445894ec53b9b0d7ec69c38e37db59f
2.2/rpms/php-exif-5.2.3-1tr.i586.rpm
6dfbf73af362155eb654b3bbf5900fe2
2.2/rpms/php-fcgi-5.2.3-1tr.i586.rpm
79dc33da7ef677c44241b4985acd6e0f 2.2/rpms/php-gd-5.2.3-1tr.i586.rpm
ac208d692c6868c07d787b72405b77ec
2.2/rpms/php-imap-5.2.3-1tr.i586.rpm
281562426b06aaa035569925354b08a3
2.2/rpms/php-ldap-5.2.3-1tr.i586.rpm
3aceb6b5e05e0949959a90f762172c6a
2.2/rpms/php-mcrypt-5.2.3-1tr.i586.rpm
7dc951138c0d5abf8a8437eec57d734e
2.2/rpms/php-mhash-5.2.3-1tr.i586.rpm
698e5c3b296094a84600673439a8ba2e
2.2/rpms/php-mssql-5.2.3-1tr.i586.rpm
f76695798ecf9f0c3c4005e309a97010
2.2/rpms/php-mysql-5.2.3-1tr.i586.rpm
063183e965f09e8c0581d4a21c31accb
2.2/rpms/php-mysqli-5.2.3-1tr.i586.rpm
f04605d40bfed9290308d47c3464ac0c
2.2/rpms/php-openssl-5.2.3-1tr.i586.rpm
227afb0b6004cd4e07d2e276cc639b34
2.2/rpms/php-pdo-mysql-5.2.3-1tr.i586.rpm
5854d898328e4446c3d4b36e7b454695
2.2/rpms/php-pdo-sqlite-5.2.3-1tr.i586.rpm
eed1a233aef2fdddd4d1961b2bc2a7c2
2.2/rpms/php-pgsql-5.2.3-1tr.i586.rpm
9ef05f267ba75169f28298783372a8ad
2.2/rpms/php-sqlite-5.2.3-1tr.i586.rpm
c20518aaa32dd4b9b2f906c96c99b0c8
2.2/rpms/php-zlib-5.2.3-1tr.i586.rpm
f9031f0f637cabfbf0113743a5d1ac8d 2.2/rpms/tcpdump-3.8.3-4tr.i586.rpm
ORIGINAL ADVISORY:
http://www.trustix.org/errata/2007/0023/
OTHER REFERENCES:
SA24678:
http://secunia.com/advisories/24678/
SA24824:
http://secunia.com/advisories/24824/
SA25378:
http://secunia.com/advisories/25378/
SA25456:
http://secunia.com/advisories/25456/
SA25829:
http://secunia.com/advisories/25829/
SA26038:
http://secunia.com/advisories/26038/
SA26104:
http://secunia.com/advisories/26104/
SA26135:
http://secunia.com/advisories/26135/
SA26152:
http://secunia.com/advisories/26152/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------